[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2000-0573Date: (C)2000-07-07   (M)2023-12-22


The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-1387
http://marc.info/?l=bugtraq&m=96171893218000&w=2
http://marc.info/?l=bugtraq&m=96179429114160&w=2
http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail%40fiver.freemessage.com
http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
http://marc.info/?l=bugtraq&m=96299933720862&w=2
http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
AA-2000.02
CA-2000-13
CSSA-2000-020.0
FreeBSD-SA-00:29
NetBSD-SA2000-009
RHSA-2000:039
wuftp-format-string-stack-overwrite(4773)

CPE    1
cpe:/o:hp:hp-ux:11.00

© SecPod Technologies